Cisco Switch Stack – Stack Master Election

When stacking multiple Cisco switches together in a stack there needs to be one switch in the stack that is designated as the “master” switch which can be thought of as the lead switch in the stack. The purpose of this post is to outline the criteria that go into the stack master election process so when you are building a stack you will be able to choose the switch you want to be elected master and understand the process the switches go through to select a master switch for their selves in the event you don’t specify a stack master. It is important to note the stack master is elected when a switch boots, and if the switch that is booting is connected to an existing stack that already has a master it will be able to detect that and will become a member switch.

The criteria in winning a stack master election is as follows and in this order

1: An existing switch that is already master in the stack.

2: The switch that is assigned the highest stack member priority

3: The switch that is not using the default interface level configuration

4: The switch with the higher priority feature set and software image, they are as follows

a. IP services and cryptographic software images

b. IP services with the noncryptographic software image

c. IP base and cryptographic software images

d. IP base with the noncryptographic software image

5. The switch with the lowest MAC address

If a switch is not powered on within a 20 second time frame from the first switch in the stack it will not participate in the stack master election because it will miss the window, in the event that this happens the switch will join to the stack as a member. Once the stack master is elected it will remain the stack master unless the switch stack is reset, the stack master is removed from the stack, the stack master fails or is reset, or if you add a switch that is already powered on into the stack that switch will overtake the existing master and become the newstack master.

By default when installing OpenSSH it will be configured to accept a user name and password combination for authentication. To increase security you can enable key based authentication and disable password authentication so that when [...]